Commit History - (may be incomplete: see SVNWeb link above for full details) |
Date | By | Description |
19 Jan 2021 20:24:46
4.0

|
decke  |
net/chrony: Preparations for a new slave port
PR: 252584
Submitted by: myself
Approved by: mandree@ |
07 Oct 2020 17:40:56
4.0

|
mandree  |
net/chrony: update to 4.0 release
Changelog: https://git.tuxfamily.org/chrony/chrony.git/tree/NEWS?id=4.0#n1
Update options (unfortunately the crypto stuff is a bit contorted
with NSS <-> Nettle incompatibilities and NTS requiring GnuTLS and Nettle). |
22 Aug 2020 11:03:03
3.5.1

|
mandree  |
net/chrony: security update to 3.5.1
This upstream update essentially contains one Git commit:
https://git.tuxfamily.org/chrony/chrony.git/commit/?h=3.5-stable&id=f00fed20092b6a42283f29c6ee1f58244d74b545
It is to fix a symlink vulnerability when writing the pidfile.
Changelog:
https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2020/08/msg00000.html
MFH: 2020Q2 (blanket: upstream has one specific git commit between 3.5 and
3.5.1)
Security: CVE-2020-14367
Security: 719f06af-e45e-11ea-95a1-c3b8167b8026 |
16 May 2020 10:51:33
3.5_3

|
sunpoet  |
Bump PORTREVISION for security/nettle shlib change |
08 May 2020 01:35:58
3.5_2

|
mandree  |
net/chrony: option to use system ntpd user/group
USER_DESC was reworded to make purpose clearer.
While here, shuffle things a bit to appease portclippy.
PR: 246293
Submitted by: olivier@ |
06 Apr 2020 16:27:48
3.5_2

|
mandree  |
net/chrony: fix regression, remove pidfile= from rc.d script
chrony handles its own pidfile, and still our status method works,
so avoid missing chrony's own lock management.
PR: 245399
Reported by: Peter Putzer |
05 Apr 2020 21:27:56
3.5_1

|
mandree  |
net/chrony: take maintainership, repeated timeouts from yonas@fizk.net |
05 Apr 2020 21:20:11
3.5_1

|
mandree  |
net/chrony: make NETTLE build robust, improve rc script, re-enable NSS
Changes by Colin T.:
* Always require pkgconfig instead of only requiring it for NSS,
because otherwise chrony does not link reliably to nettle. [1]
* Add pidfile to rc.d script to stop it from complaining when
stopping chronyd. [1]
* Document chronyd_* options in rc.d script. [1]
Changes by Matthias Andree:
* Move USES line up to please portlint.
* Add HTMLDOCS option, to build and install HTML docs. IMPLIES DOCS.
Needs textproc/asciidoctor (rubygem) as build requisite.
* Turn CRYPTLIB into a _RADIO to choose at most one from NSS + NETTLE.
* Under WITH_DEBUG, add --enable-debug to CONFIGURE_ARGS.
* Remove @ (silent) from Makefile commands.
* Remove NSS_BROKEN, chrony 3.5 appears to work with NSS. Updates [3].
PR: 244534 [1]
PR: 242510 [2]
PR: 223840 [3]
Submitted by: Colin T. <bugzilla@nulldir.e4ward.com> [1]
Reported by: Matt Smith <freebsd@xtaz.uk> [2]
Approved by: maintainer timeout (yonas@fizk.net, 36 days) |
09 Oct 2019 12:17:15
3.5

|
bapt  |
Drop the ipv6 virtual category for n* category as it is not relevant anymore |
02 Sep 2019 22:35:05
3.5

|
swills  |
net/chrony: Update to 3.5
PR: 239596
Submitted by: Colin T. <bugzilla@nulldir.e4ward.com>
Approved by: maintainer timeout (yonas@fizk.net, >1 month) |
09 Jul 2019 17:13:07
3.4_2

|
sunpoet  |
Update security/nettle to 3.5.1
- Bump PORTREVISION of dependent ports for shlib change
- Fix build of devel/pijul [1]
Changes: https://git.lysator.liu.se/nettle/nettle/blob/master/NEWS
PR: 238991
Exp-run by: antoine
Thanks to: tobik [1] |
27 Dec 2018 20:41:54
3.4_1

|
decke  |
net/chrony: Fix chrony running as server and using bindaddress
On FreeBSD, sendmsg() fails when IP_SENDSRCADDR specifies a source
address on a socket that is bound to the address. This prevents a server
configured with the bindaddress directive from responding to clients.
Add a new variable to check whether the server IPv4 socket is not bound
before setting the source address.
PR: 233644
Submitted by: Colin T <bugzilla@nulldir.e4ward.com>
Reported by: ddrinnon@cdor.net
Approved by: maintainer timeout (> 3 weeks)
Obtained
from: https://git.tuxfamily.org/chrony/chrony.git/commit/?id=6af39d63aa9323b4b8c39efe24ae0c88c949a901 |
23 Nov 2018 20:46:27
3.4

|
swills  |
net/chrony: Update to 3.4
PR: 232823
Submitted by: Colin T. <bugzilla@nulldir.e4ward.com>
Approved by: maintainer timeout (yonas@fizk.net, >3 weeks) |
30 Aug 2018 04:05:08
3.3

|
danfe  |
Remove redundant DOCS, NLS, EXAMPLES, and IPV6 from OPTIONS_DEFAULT as they
are put there by the framework (see line 200 of Mk/bsd.options.mk), except
for `finance/quantlib' which makes very unorthodoxal usage of port options. |
09 May 2018 03:01:58
3.3

|
tobik  |
net/chrony: Update to 3.3
- Add explicit DOCS, EXAMPLES options
- Replace %%PREFIX%% in sample files
- Make sure chronyc is really linked with libedit from ports
- Add support for security/nettle and use it by default since chrony crashes
on startup when built with NSS. [1]
PR: 227779, 223840 [1]
Submitted by: takefu@airport.fm
Approved by: maintainer |
20 Nov 2017 13:49:59
3.1_3

|
rodrigo  |
Add missing lib dependency in the original patch
Bump PORTREVISION
PR: 217691
Submitted by: John Hein <z7dr6ut7gs@snkmail.com>
Approved by: Yonas Yanfa <yonas@fizk.net> |
18 Nov 2017 22:41:34
3.1_2

|
rodrigo  |
Makes the NSS dependency explicit, and perform cleanup
Bump PORTREVISION
Before this patch if nss is installed when crony is built, there's a silent lib
dependency on nss, and if nss is subsequently uninstalled chrony breaks.
NSS is now turned on by default adding support for a number of more modern
hashing algorithms than md5.
Cleanup:
- --infodir is not a valid configure option (since 2.3 I think)
- USES=localbase instead of LDFLAGS
- add explicit --without-tomcrypt [1]
- add support for passing chronyd_flags to chronyd in rc.d script
- fix some hard-coded /usr/local in examples
PR: 217691
Submitted by: John Hein <z7dr6ut7gs@snkmail.com>
Approved by: Yonas Yanfa <yonas@fizk.net> (maintainer) |
16 Nov 2017 19:11:42
3.1_1

|
feld  |
net/chrony: Remove dubious security warnings in pkg-message
PR: 223647
MFH: 2017Q4 |
06 Mar 2017 06:53:39
3.1

|
wen  |
- Update to 3.1
PR: 217573
Submitted by: yonas@fizk.net(maintainer) |
13 Feb 2017 18:05:34
3.0

|
krion  |
Update net/chrony: enable privilege separation and other minor changes.
- enables privilege separation
- removes the build dependency on asciidoctor
- removes the runtime dependency on makeinfo and readline
- add a runtime dependency on libedit
- do not install the HTML documentation (in favour of man pages)
- update the post-install message (pkg-message) in light of privilege separation
- set the permission of /var/db/chrony to the new "chronyd" user and group
PR: 216737
Submitted by: maintainer
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D9570 |
31 Jan 2017 03:40:46
3.0

|
linimon  |
Mark various ports broken on aarch64 and armv6.
Approved by: portmgr (tier-2 blanket) |
17 Jan 2017 17:37:21
3.0

|
amdmi3  |
- Update to 3.0
- While here, add LICENSE_FILE and remove unneeded @dir
PR: 216184
Submitted by: yonas@fizk.net (maintainer) |
02 Dec 2016 11:58:22
2.4.1

|
mat  |
Do not use post-stage. Use post-install instead.
The only reason to use post-stage is because the port needs to do
"things" at a later time, like some plist manipulation.
While there, fold post-install in do-install targets when they are
defined.
PR: 214780
Submitted by: mat
Exp-run by: antoine
Sponsored by: Absolight |
29 Nov 2016 23:53:36
2.4.1

|
junovitch  |
net/chrony: update 2.4 -> 2.4.1
PR: 214749
Submitted by: Yonas Yanfa <yonas@fizk.net> (maintainer) |
12 Jun 2016 10:41:45
2.4

|
pi  |
net/chrony: 2.3 -> 2.4
Changes:
http://chrony.tuxfamily.org/news.html
PR: 210190
Submitted by: Yonas Yanfa <yonas@fizk.net> (maintainer) |
06 Jun 2016 16:50:14
2.3

|
danfe  |
- Remove ONLY_FOR_ARCHS restriction as chronyd(8) runs fine on PowerPC now
- Remove no-op OPTIONS_DEFAULT=IPV6, which was bogusly re-added in r416385
by pi@ after it was previously removed by amdmi3@ in r416447
- Sanitize `post-stage' target recipe (still needs more work to decouple
extra docs and examples properly and add them to OPTIONS_DEFINE)
Tested on: Mac mini G4 (powerpc) |
05 Jun 2016 03:35:27
2.3

|
pi  |
net/chrony: 2.2 -> 2.3
- submitter becomes maintainer after repeated maintainer timeouts
Enhancements
- Add support for NTP and command response rate limiting
- Add support for dropping root privileges on Mac OS X, FreeBSD, Solaris
- Add require and trust options for source selection
- Enable logchange by default (1 second threshold)
- Set RTC on Mac OS X with rtcsync directive
- Allow binding to NTP port after dropping root privileges on NetBSD
- Drop CAP_NET_BIND_SERVICE capability on Linux when NTP port is disabled
- Resolve names in separate process when seccomp filter is enabled
- Replace old records in client log when memory limit is reached
- Don't reveal local time and synchronisation state in client packets (Only the first 15 lines of the commit message are shown above ) |
23 May 2016 20:35:01
2.2

|
amdmi3  |
Remove NLS, DOCS, EXAMPLES and IPV6 from OPTIONS_DEFAULT, they are enabled by
default anyway and don't need to be listed
Approved by: portmgr blanket |
27 Dec 2015 12:53:33
2.2

|
riggs  |
Update to upstream version 2.2; general cleanup
Detailed log by submitter:
- Update net/chrony to latest upstream version - 2.2
- install info
- point to /var/db instead of /var/lib (per hier(7))
- use doc/install-docs target; install more docs (PORTDOCS)
- use @sample to a sample .conf file (not for .keys which will require
manual intervention); others in examples dir (use PORTEXAMPLES)
- rm old post-install target
- fix example files for freebsd/prefix paths & ntp server names, add
info regarding how to do log rotation if logging turned on.
PR: 204817
Submitted by: z7dr6ut7gs@snkmail.com
Approved by: maintainer timeout |
23 Nov 2015 20:04:20
1.31.1

|
pi  |
net/chrony: prefix fix, remove setuid-root mode
PR: 204018
Submitted by: John Hein <z7dr6ut7gs@snkmail.com>
Reviewed by: koobs
Approved by: masaki@club.kyutech.ac.jp (maintainer timeout) |
23 May 2015 18:59:12
1.31.1

|
pi  |
net/chrony: 1.31 -> 1.31.1
- Update to 1.31.1 to resolve CVE-2015-1799, CVE-2015-1821, and CVE-2015-1822
- Regenerate patches with `make makepatch` to quiet portlint
- Strip binaries
PR: 199508
Submitted by: Jason Unovitch <jason.unovitch@gmail.com>
Approved by: masaki@club.kyutech.ac.jp (maintainer timeout) |
22 Apr 2015 11:43:13
1.31

|
robak  |
net/chrony: add CPE info
PR: 199513
Submitted by: jbeich
Approved by: portmgr blanket |
01 Nov 2014 16:17:49
1.31

|
madpilot  |
- Update to 1.31 [1]
While here:
- Add makeinfo and readline uses
- Fix plist orphans
PR: 194079 [1]
Submitted by: Kevin Thompson <antiduh at csh.rit.edu>
Approved by: maintainer timeout |
09 Apr 2014 09:01:41
1.29.1

|
danfe  |
Some minor, non-functional wording and grammar nits. |
08 Apr 2014 17:06:59
1.29.1

|
danfe  |
Add a port of system clock synchronization client and server (chrony).
WWW: http://chrony.tuxfamily.org/
PR: ports/174263 |